Poweroff or Reboot as normal User

permissions sudo root shutdown reboot

80,971

Solution 1

I changed /etc/sudoers so that every user that is in the admin group can execute the following commands without being ask for a password.

sudo halt
sudo reboot
sudo poweroff

You just need to add the following lines to /etc/sudoers

## Admin user group is allowed to execute halt and reboot 
%admin ALL=NOPASSWD: /sbin/halt, /sbin/reboot, /sbin/poweroff

and add yourself to the admin group.

If you want only one user to be able to do this just remove the %admin and replace it with username like this

## user is allowed to execute halt and reboot 
stormvirux ALL=NOPASSWD: /sbin/halt, /sbin/reboot, /sbin/poweroff

You can find out more about /etc/sudoers with man sudoers or the online manpage

Solution 2

You can also create a new file under /etc/sudoers.d name it as you wish(I named it 'shutdown'), and put the following lines inside:

# Allows me to shutdown the system without a password

yourUserName ALL = NOPASSWD: /sbin/halt, /sbin/reboot, /sbin/poweroff

Just change "yourUserName" for YOUR User Name, and add or remove commands to use, personally I use it only for shutdown. One of the main difference of creating a particular file under sudoers.d is that this file will survive System Upgrades

Solution 3

You can also achieve this by trick with setuid. I don't know if it will work on all systems, because they sometimes ignore setuid/setgid bit.

You can specify a group of users who can perform change of system state in my case it was adm. Then add appropriate users to this group.

gpasswd -a $USER adm

Specify permissions:

chmod 4550 /usr/bin/reboot

ls -l outpus should look like this:

-r-sr-x--- 1 root adm 18928 Mar 13  2015 /usr/bin/reboot

Afterwards you can just type:

reboot

Solution 4

Simplest solution:

sudo echo $USER >> /etc/shutdown.allow

Then you're able to use one of this commands:

shutdown -ah now   // halt
shutdown -ar now   // reboot

According man shutdown there is -a option for non-root usage:

If shutdown is called with the -a argument (add this to the invocation of shutdown in /etc/inittab), it checks to see if the file /etc/shutdown.allow is present. It then compares the login names in that file with the list of people that are logged in on a virtual console ...

It works in Debian Linux. And there is limit for 32 user names in /etc/shutdown.allow.

Solution 5

Another way to achieve not only boot privileges but access to all systemctl services for a specific user or group in a Debian system is doing this:

sudo chown root:myuserorgroup /bin/systemctl
sudo chmod 4755 /bin/systemctl

Because all boot scripts /sbin/shutdown, /sbin/poweroff, /sbin/reboot are links to /bin/systemctl, changind its permissions and ownership grants the necessary privilege to execute it as root user.

Be aware that the user will be able to execute all systemctl operations. This may sound as a security threat, but it is a simple general solution to embbeded systems where your default user must not only have the access rights to shudown but also to work with all the other system services related to systemctl.

View more solutions

80,971

Stormvirux

profile for Stormvirux on Stack Exchange, a network of free, community-driven Q&A sites http://stackexchange.com/users/flair/447199.png

Updated on September 18, 2022

Comments

Stormvirux almost 2 years

To run the command poweroff or reboot one needs to be super user. Is there anyway I can run this as a normal user? I just don't want to sudo and enter my password every time I reboot or power off.
- jasonwryan almost 11 years
  
  The answer depends on which init system your distro uses... For example, with systemd and an active logind session you can reboot or poweroff without elevated privileges providing no other user is still logged in...
- Stormvirux almost 11 years
  
  @jasonwryan I am currently using Ubuntu which doesnot use systemd by default.So you mean other Distros such as Arch can reboot without elavated privileges?
- jasonwryan almost 11 years
  
  Yes: as per the conditions in my first comment.
fpmurphy over 6 years

No such option on Fedora, CentOS or RHEL.
Raphael Ahrens over 6 years

This is also not working for Ubuntu, at least that is what I get from the docs. It would be helpful to see if this is a Debian only feature.
patricktokeeffe over 4 years

If you choose this approach, ensure that /etc/sudoers has an appropriate #include directive to read files from /etc/sudoers.d/.
tink over 4 years

Still not in Ubuntu (18.04) in 2020 =}
TrentP over 4 years

Don't do this with systemd! With systemd, the reboot command is a symlink to systemctl, so you'll actually change systemctl to be setgid, and systemd does some security stuff (like don't trust env variables in setuid/gid programs) that will break it when setuid/gid.
Thawn over 2 years

I would generally not do this. Setuid is a security risk (see the comment about systemd). Which you can easily avoid using sudo as explained in some of the other answers.
hurufu over 2 years

Thanks for pointing that out, but I don't see a security risk here. If reboot is a symbolic link then of course don't do it, but if you don't use systemd as an init system and your reboot program is small and does only one thing then everything is Ok. You should just always use some common sense before using whatever solution you've found on the internet. Regarding an answer involving modification of sudoers file - it still requires to enter sudo reboot which doesn't address OP's wish to not write sudo at all.